Enforce password policy without 'Enforce password expiration' checked

  • What would happened to SQL login account if I checked on 'Enforce password policy' only but not on 'Enforce password expiration' option?

    Previously all SQL login accounts were created without these options checked.

    Will SQL login will be prompt, immediately, for to change new password to comply with 'Enforce password policy' setting?

    Or nothing will happen because 'Enforce password expiration' option is not checked? This is production environment, so I want to check before I take any action. I don't want applications using sql account start failing.

    Thank you in advance for your time and help.

  • Enforce password expiration sets whether or not passwords expire after a given time period. enforce password policy sets whether or not sql passwords need to meet the complexity requirements of the server. If enfore pthe policy, not the expiration, the newly set passwords will need to meet the password complexity requirements of the server.

    Edit: I'm 95% sure of this, I would test this and not make a change like this in production without being 100% sure.

  • NJ-DBA (9/13/2011)


    Enforce password expiration sets whether or not passwords expire after a given time period. enforce password policy sets whether or not sql passwords need to meet the complexity requirements of the server. If enfore pthe policy, not the expiration, the newly set passwords will need to meet the password complexity requirements of the server.

    Edit: I'm 95% sure of this, I would test this and not make a change like this in production without being 100% sure.

    just tested... behavior is as described above on my server. that would make me about 99.5% sure you would get the same behavior.

  • In this case, all the SQL login accounts are already created in the past.

    I just need to checked only 'Enforce passowrd policy' option.

    Applications using these SQL account should keep running, right? Meaning, it should not prompt for to change password or break?

  • Yes. that's correct.

    You could test this by creating a new login which has a simple password, initally with no enforcement. Then changing it.

  • Old Hand, thank you for your time and support.

    How do you test using application? any simple application I can test on site also? thank you.

  • Just use managment studio to create a second connection using the login you create...

  • Thank you, Old Hand.

  • LOL, just FYI, it's NJ-DBA, or Warren is my name.... it's says "old hand" as my "level", like yours says "forum newbie"...

  • LOL

Viewing 10 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic. Login to reply